This is information about a single report in the Awooga system.
| URLs | http://phppot.com/php/php-change-password-script/ | ||
|---|---|---|---|
| Issues | sql-injection | Unresolved |
This site contains a large number of SQL injections, all or mostly involving the legacy mysql library. Interestingly the author cites parameterisation as a benefit of MySQLi elsewhere on the site. |
| password-clear | Unresolved | (No comments added) | |
| deprecated-library | Unresolved | (No comments added) | |
| Description |
A site with a large number of scripts featuring SQL injection vulnerabilities. A number of articles, including this one, incorrectly advise programmers to store passwords in plain text. |
||
| Source | Repo: 1 | ||
| Author notified? | No | ||